The FTC says Zoom misled consumers about their security
The Federal Trade Commission (FTC) announced a settlement with Zoom on Nov. 9 that will force the company to tighten its security to be consistent with its advertising.
A complaint filed by the FTC alleges that since 2016 Zoom has been misleading users of its service with their claims of high-end security.
According to the complaint, Zoom’s security fell short of its promises, and in some cases posed a security risk to computers it was running on.
Such was the case in 2018 when Zoom installed software onto Mac products without user consent. The software, which bypassed Apple’s built-in browser security, increased the risk of malware and could even re-install Zoom without user input.
The FTC claims that Zoom advertised end-to-end encryption when in reality Zoom could access the content of any meeting, which were running on much lower security than promised.
James Turk, founder of the Centre for Free Expression, said Zoom’s claims of security have been met with scrutiny for some time.
“Lots of organizations, including most law firms, still don’t use Zoom for anything around which their security is concerned,” he said.
Turk outlined several alternative applications that are made with security in mind, such as Signal – a free, secure messaging app developed by Edward Snowden.
As per the settlement with the FTC, it will “require the company (Zoom) to implement a robust information security program.”
“Zoom has agreed to a requirement to establish and implement a comprehensive security program, a prohibition on privacy and security misrepresentations, and other detailed and specific relief to protect its user base,” reads the settlement.